What is Quantum Security?

In the past few months, the topic of quantum security has come up in professional conversations. What does this even mean? The conversations tend to go as follows:

Them: What do you think about quantum security?

Me: What aspect of quantum security?

Them: [look of internal thoughts of "is this person dumb?"] You know, quantum security?

Me: Security of quantum operating systems? Or quantum networking? Or quantum key distribution? Or quantum cryptography? Or something else?

Them: Oh, post-quantum algorithms. How do we migrate all of our code from non-PQC algorithms to PQC algorithms?

This is a conversation I can have. In my mind, it really depends on a few things:

  1. The age and management of the infrastructure,
  2. how much the codebase relies on cryptographic libraries versus custom encryption code,
  3. standards compliance and certifications (ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, CCPA, etc.), and
  4. the software inventory and which encryption algorithms are in use today.

I always start with NIST when thinking about the why, what, and where of standards. NIST released its PQC portal in 2024, and is developing a PQC migration guide for the US Government that industry will, of course, adopt as well. The NSA/CSS published a guide a year before the NIST PQC portal, and a year before that, NSA/CSS released the CNSA 2.0 CSA.

Smaller organizations can make the switch to PQC algorithms today:

  • ML-KEM/FIPS 203 for key establishment (the keys used for encryption)
  • ML-DSA/FIPS 204 for digital signatures
  • SLH-DSA/FIPS 205 for stateless hash-based digital signatures

One of the challenges is that most of the tools we use today don't yet support the PQC algorithms. OpenSSH supports ML-KEM for key exchange (and warns when it is not in use), but doesn't yet support ML-DSA or SLH-DSA. Common TLS certificates (for HTTPS, IMAPS, etc.) don't yet support PQC algorithms.

Starting to use PQC algorithms now is a marathon, not a sprint. As the industry introduces PQC algorithms into commonly used protocols, an interchangeable (crypto-agile) encryption plan is the best path forward: today's PQC algorithms will not be tomorrow's PQC algorithms. I advise clients to prepare for future changes; the future will be here before you know it.

However, of all the topics I asked about in the roleplay above, securing quantum networking is the most interesting to me. Whether it's quantum networking over fiber optic cables or wirelessly via entanglement, I'm fundamentally a network engineer and understand this area best. This fits into the area of quantum key distribution (QKD) because, fundamentally, the goal is to distribute keys at a distance across some sort of network substrate. Do we need quantum repeaters? What would a quantum internet look like? Also, how do photonic computing and quantum computing intersect? Are we about to undergo a fundamental shift from classical to quantum computing, and from electrical to photonic processing, at the same time?

There are more questions than answers at this point in time. From a practical, down-to-earth approach, however, follow the NIST PQC migration guidelines while waiting for the final version to be released. Start an inventory of all cryptographic libraries and code. Start a migration to interchangeable cryptography in codebases. Prepare to test, re-test, and then migrate to PQC algorithms when ready.
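As an added illustration of the inventory step (item 4 of the list above and the "start an inventory" advice here), not code from the original post: a small grep-style scanner that tags the algorithm names it finds in source or config text by what the migration has to do with each of them. The pattern list, class names and sample input are constructed for the example.

```python
import re
from collections import Counter
# Algorithm names tagged by what a PQC migration must do with them: replace the
# quantum-vulnerable public-key ones, keep symmetric ones (prefer 256-bit sizes).
ALGORITHMS = [  # (label, migration class, regex); a constructed starting list
    ("ML-KEM", "pqc", r"ML-?KEM|Kyber"),
    ("ML-DSA", "pqc", r"ML-?DSA|Dilithium"),
    ("SLH-DSA", "pqc", r"SLH-?DSA|SPHINCS\+?"),
    ("RSA", "quantum-vulnerable", r"RSA"),
    ("DSA", "quantum-vulnerable", r"DSA"),
    ("ECDSA", "quantum-vulnerable", r"ECDSA"),
    ("ECDH/X25519", "quantum-vulnerable", r"ECDH|X25519|Curve25519"),
    ("AES", "symmetric", r"AES"),
    ("SHA-2/3", "symmetric", r"SHA-?(?:256|384|512|3)"),
]
# A name only counts when not glued to other letters: 'rsa' inside 'universal'
# is ignored, while 'rsa.generate' and 'RSA-2048' are found.
PATTERNS = [(label, cls, re.compile(rf"(?<![A-Za-z])(?:{rx})(?![A-Za-z])", re.I))
            for label, cls, rx in ALGORITHMS]
def find_algorithms(line):
    """Return {label: class} for one line; on overlapping hits the longest match
    wins, so 'ML-DSA' is reported as PQC rather than as a bare 'DSA'."""
    hits = sorted(((m.end() - m.start(), m.start(), m.end(), label, cls)
                   for label, cls, pat in PATTERNS for m in pat.finditer(line)),
                  reverse=True)
    taken, found = [], {}
    for _, start, end, label, cls in hits:
        if any(start < e and s < end for s, e in taken):
            continue  # shadowed by a longer match over the same span
        taken.append((start, end))
        found[label] = cls
    return found

def inventory(source):
    """Scan source text; return [(line_no, label, class)] and per-class totals."""
    findings = [(n, label, cls)
                for n, line in enumerate(source.splitlines(), 1)
                for label, cls in sorted(find_algorithms(line).items())]
    return findings, Counter(cls for _, _, cls in findings)

# Constructed sample: Python calls, an sshd_config line and a non-crypto name.
SAMPLE_SOURCE = """\
key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
cipher = AES.new(session_key, AES.MODE_GCM)
sig = ecdsa_sign(sha256(msg), priv)
KexAlgorithms mlkem768x25519-sha256
signer = ML-DSA-65
digest = hmac.new(k, msg, 'sha512').hexdigest()
universal_handler()
"""
```

Running `inventory(SAMPLE_SOURCE)` lists the RSA, ECDSA and X25519 uses as the ones to replace, and flags the OpenSSH `mlkem768x25519-sha256` line as a hybrid that already carries ML-KEM alongside X25519.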